GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
325 advisories
Filter by severity
Quick Heal Total Security before 12.1.1.27 has a TOCTOU race condition that leads to privilege...
High
Unreviewed
CVE-2022-31466
was published
May 24, 2022
A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software...
High
Unreviewed
CVE-2021-3969
was published
May 19, 2022
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted...
Moderate
Unreviewed
CVE-2015-1743
was published
May 14, 2022
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced...
High
Unreviewed
CVE-2018-8584
was published
May 13, 2022
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ...
Low
Unreviewed
CVE-2018-8449
was published
May 13, 2022
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ...
Low
Unreviewed
CVE-2018-0966
was published
May 13, 2022
An ability to process crash dumps under root privileges and inappropriate symlinks handling could...
High
Unreviewed
CVE-2017-15404
was published
May 13, 2022
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows...
Moderate
Unreviewed
CVE-2017-11830
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libstagefright). Product:...
High
Unreviewed
CVE-2017-0756
was published
May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious...
High
Unreviewed
CVE-2017-0412
was published
May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious...
High
Unreviewed
CVE-2017-0411
was published
May 13, 2022
An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious...
High
Unreviewed
CVE-2017-0331
was published
May 13, 2022
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0,...
Moderate
Unreviewed
CVE-2018-6693
was published
May 13, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a...
High
Unreviewed
CVE-2019-7347
was published
May 13, 2022
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check...
Critical
Unreviewed
CVE-2019-7249
was published
May 13, 2022
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600...
High
Unreviewed
CVE-2019-5519
was published
May 13, 2022
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV...
High
Unreviewed
CVE-2019-0836
was published
May 13, 2022
dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2...
High
Unreviewed
CVE-2013-3888
was published
May 13, 2022
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in...
Moderate
Unreviewed
CVE-2018-16872
was published
May 13, 2022
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a...
Moderate
Unreviewed
CVE-2021-26347
was published
May 12, 2022
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a...
Moderate
Unreviewed
CVE-2021-26350
was published
May 12, 2022
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
Low
Unreviewed
CVE-2013-4235
was published
May 5, 2022
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain...
Moderate
Unreviewed
CVE-2004-0594
was published
Apr 29, 2022
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch...
Moderate
Unreviewed
CVE-2003-0813
was published
Apr 29, 2022
ProTip!
Advisories are also available from the
GraphQL API